VMware Driver Vulnerability in OpenStack Compute by OpenStack
CVE-2014-2573

Currently unrated

Key Information:

Vendor

Openstack
Status
Compute
Vendor
CVE Published:
25 March 2014

What is CVE-2014-2573?

The VMware driver in OpenStack Compute (Nova) versions 2013.2 to 2013.2.2 is susceptible to an improper handling of virtual machine (VM) states. This vulnerability can be exploited by authenticated users who can manipulate the state of a VM by placing it into RESCUE status. Once in this state, users can bypass imposed quota limits and potentially lead to a denial of service by repeatedly requesting the VMs to be put into rescue mode and subsequently deleting the associated images. This manipulation opens the potential for resource consumption issues within the OpenStack environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2014/03/21/2
mailing-listx_refsource_MLIST
http://secunia.com/advisories/57498
third-party-advisoryx_refsource_SECUNIA
https://bugs.launchpad.net/nova/+bug/1269418
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.